Added allowed list of field instead of checking the ones to be rejected

reject
This commit is contained in:
Luca Frosini 2019-10-04 14:16:34 +02:00
parent 68e12bf99a
commit 7322b7d43e
1 changed files with 12 additions and 13 deletions

View File

@ -258,7 +258,7 @@ public class CKANPackage extends CKAN {
} }
parameters.put(START_KEY, String.valueOf(offset * limit)); parameters.put(START_KEY, String.valueOf(offset * limit));
if(uriInfo!=null) { if(uriInfo != null) {
MultivaluedMap<String,String> queryParameters = uriInfo.getQueryParameters(); MultivaluedMap<String,String> queryParameters = uriInfo.getQueryParameters();
parameters = checkListParameters(queryParameters, parameters); parameters = checkListParameters(queryParameters, parameters);
} }
@ -274,19 +274,19 @@ public class CKANPackage extends CKAN {
matches.add(q.substring(m.start(), m.end())); matches.add(q.substring(m.start(), m.end()));
} }
if(matches.size()>0) { if(matches.size() > 0) {
StringBuilder error = new StringBuilder(); StringBuilder error = new StringBuilder();
error.append("Organization filters is constrained to VRE. "); error.append("Organization filters is constrained to VRE. ");
if(matches.size()>1) { if(matches.size() > 1) {
error.append("Remove these filters "); error.append("Remove these filters ");
}else { } else {
error.append("Remove this filter "); error.append("Remove this filter ");
} }
boolean first = true; boolean first = true;
for(String match : matches) { for(String match : matches) {
if(!first) { if(!first) {
error.append(", "); error.append(", ");
}else { } else {
first = false; first = false;
} }
error.append("["); error.append("[");
@ -297,6 +297,9 @@ public class CKANPackage extends CKAN {
} }
} }
protected static String[] allowedFilters = new String[] {"q", "fq", "fq_list", "sort", "facet", "facet.mincount",
"facet.limit", "facet.field", "include_drafts", "include_private", "ext_bbox", "fl"};
protected Map<String,String> checkListParameters(MultivaluedMap<String,String> queryParameters, protected Map<String,String> checkListParameters(MultivaluedMap<String,String> queryParameters,
Map<String,String> parameters) { Map<String,String> parameters) {
@ -332,14 +335,10 @@ public class CKANPackage extends CKAN {
// q=organization:nextnext // q=organization:nextnext
} }
for(String key : queryParameters.keySet()) { for(String key : allowedFilters) {
// if 'rows' and 'start' are provided they replace the values imposed by caller if(queryParameters.containsKey(key)) {
// provided limit and offset parameter which are the gCat interface are not passed to CKAN parameters.put(key, queryParameters.getFirst(key));
if(key.compareTo(GCatConstants.LIMIT_PARAMETER) == 0
|| key.compareTo(GCatConstants.OFFSET_PARAMETER) == 0) {
continue;
} }
parameters.put(key, queryParameters.getFirst(key));
} }
// parameters.put(INCLUDE_PRIVATE_KEY, String.valueOf(true)); // parameters.put(INCLUDE_PRIVATE_KEY, String.valueOf(true));